summaryrefslogtreecommitdiff
path: root/app-crypt
diff options
context:
space:
mode:
authorV3n3RiX <venerix@koprulu.sector>2024-03-08 19:07:58 +0000
committerV3n3RiX <venerix@koprulu.sector>2024-03-08 19:07:58 +0000
commit8edd4a48a39640822abe6ddb7b2a1d5b2da4ea70 (patch)
treedd40a3ea9cdcc06c8c63bd2ee71c2c2c0ea11549 /app-crypt
parent7825305c5ddf11fffe24fa30453c4e8468f64305 (diff)
gentoo auto-resync : 08:03:2024 - 19:07:58
Diffstat (limited to 'app-crypt')
-rw-r--r--app-crypt/Manifest.gzbin24803 -> 24802 bytes
-rw-r--r--app-crypt/tpm2-tss/Manifest2
-rw-r--r--app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch27
-rw-r--r--app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild109
4 files changed, 138 insertions, 0 deletions
diff --git a/app-crypt/Manifest.gz b/app-crypt/Manifest.gz
index 6a967e71d0cf..8d82a224de06 100644
--- a/app-crypt/Manifest.gz
+++ b/app-crypt/Manifest.gz
Binary files differ
diff --git a/app-crypt/tpm2-tss/Manifest b/app-crypt/tpm2-tss/Manifest
index 394e51c9421e..a62b3cd1e086 100644
--- a/app-crypt/tpm2-tss/Manifest
+++ b/app-crypt/tpm2-tss/Manifest
@@ -1,5 +1,7 @@
AUX tpm2-tss-4.0.0-Dont-install-files-into-run.patch 880 BLAKE2B 8ae9b55e853dcd117730eebc274252ea7afc4e3e415eafb21d3994690687cc9daa796a97536597da8cbfc4f54567cbb678fe61ba4eb4fdc1dee6d851d472efa3 SHA512 811dd1d2597557cf9fd08d7231cd5f48a8dd9dc76adf33bc4a0ee978dc8973fc5309bdc7386cbd9878b78dba1b4a8ecf9c2e2f856c887b141a423f0d94e3244e
+AUX tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch 1493 BLAKE2B 4e22a79f54758295905625ce907ee1d718ec8ab34e1917f376c2e318beabbcd424588458bb0360757d8027b87ca7fb14279585fb35e29a7bd53d7eb3fdb43c99 SHA512 f4badedc611e9903daa034306c6cca3b0a3f3ed56350af18f48586c67ffba9f4b5cc8784e4d008b123b885c33b7a3fbfd1c5bc846aa35ab648cd48be3476deb1
AUX tpm2-tss-4.0.1-Make-sysusers-and-tmpfiles-optional.patch 1814 BLAKE2B 259a2b4618eeaf34228a07d6e9479658e04b7e36affa6d8d894563014a3f9ba571f1676623b744c1158ceb2fd738fe627fad76014b1893471a9467da41847f2e SHA512 78f1f6d5a448f29fd5dfbfadfb1913464d8e55eabebc9c0eca16c70031bcee9198742b1567eba2bae444cf11e32bea3c3663db155eb1e8da750ba8bb78d725c0
DIST tpm2-tss-4.0.1.tar.gz 1787139 BLAKE2B 627cdefeff6c64148f9da1425922a0a7a72debcee4930ffab208a3b9b66127c2d4f923e3e105bfd45410cdb13c19cb40cc15a720e9a05dd32ff622dabf5fcc32 SHA512 ed6ddc52cb0e8c1082a4bb001e1225eb9905fd2380da88db5fd69ff5b5d9d43a93eb67b634e49d53eb5d586832da3aef2c4c7e5f18d51bb730481f8913319d7d
+EBUILD tpm2-tss-4.0.1-r1.ebuild 2588 BLAKE2B b9a58449aa540dd800e5453091c464edeba60987e0119044cf0caccfbb14ef7d15c7fc28ee27d45d80044f4b6d4df9c56cbead18fffd4819afd53dde921692f0 SHA512 bad17cc8511c05ff8295c1812ac78f48c097563efe2224d9bcf6d3f1cd131149571596f1fc47a7423ee10b88b7221ae8f52bbe05a01ab402369a66ba0a8e62d5
EBUILD tpm2-tss-4.0.1.ebuild 2492 BLAKE2B a31affba60e4b53ba69ba9bc3dece3bfca550cad98eb21d5cabb4b24e427b321fdb4104cabe6676e8128719d1e0dbf8992ad778df025f2709aefe078e01c3458 SHA512 502461ec7f03aba7d346ede6db2b0f365f16c5e37d4272f27467f62d84c09c12258994f22733f33e3869fa90fefe1fb2e3004e4ec38e5276a67f1ada32442749
MISC metadata.xml 835 BLAKE2B 58fcbb63b8fd77dd42f081e060cec1fc5593d13ad9237bd644462fd839a1fea9936342d5339a3ec8d339106ca6074c73ac31e7546feb0f1c5f0f212b21831d8a SHA512 941bfce986619b387410d49fe046218a388243c257a3164293033f8ebb4e2d64d7ff06d35dd4ef770a9e9194035839d68dcf1f00edbe439272c2e9c01ecb3c6b
diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch
new file mode 100644
index 000000000000..83f123ffdc52
--- /dev/null
+++ b/app-crypt/tpm2-tss/files/tpm2-tss-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch
@@ -0,0 +1,27 @@
+From 0632885d08917092ffc8d98febd158745a74465a Mon Sep 17 00:00:00 2001
+From: Daan De Meyer <daan.j.demeyer@gmail.com>
+Date: Fri, 4 Aug 2023 16:07:52 +0200
+Subject: [PATCH] Do not consider failures to write files in /sys hard errors
+
+systemd-tmpfiles can run in containers, chroots, ... where writing to /sys will fail, so let's suffix these lines with "-" to avoid considering these cases hard errors.
+
+Signed-off-by: Daan De Meyer <daan.j.demeyer@gmail.com>
+---
+ dist/tmpfiles.d/tpm2-tss-fapi.conf.in | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
+index 7ea3c652..51ff78e5 100644
+--- a/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
++++ b/dist/tmpfiles.d/tpm2-tss-fapi.conf.in
+@@ -3,5 +3,5 @@ d @localstatedir@/lib/tpm2-tss/system/keystore 2775 tss tss -
+ a+ @localstatedir@/lib/tpm2-tss/system/keystore - - - - default:group:tss:rwx
+ d @runstatedir@/tpm2-tss/eventlog 2775 tss tss - -
+ a+ @runstatedir@/tpm2-tss/eventlog - - - - default:group:tss:rwx
+-z /sys/kernel/security/tpm[0-9]/binary_bios_measurements 0440 root tss - -
+-z /sys/kernel/security/ima/binary_runtime_measurements 0440 root tss - -
++z- /sys/kernel/security/tpm[0-9]/binary_bios_measurements 0440 root tss - -
++z- /sys/kernel/security/ima/binary_runtime_measurements 0440 root tss - -
+--
+2.43.0
+
diff --git a/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild b/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild
new file mode 100644
index 000000000000..558f221a5be8
--- /dev/null
+++ b/app-crypt/tpm2-tss/tpm2-tss-4.0.1-r1.ebuild
@@ -0,0 +1,109 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools flag-o-matic linux-info multilib-minimal tmpfiles udev
+
+DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack"
+HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"
+SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"
+
+LICENSE="BSD-2"
+SLOT="0/4"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86"
+IUSE="doc +fapi +openssl mbedtls +policy static-libs test"
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="
+ ^^ ( mbedtls openssl )
+ fapi? ( openssl !mbedtls )
+ policy? ( openssl !mbedtls )
+"
+
+RDEPEND="
+ acct-group/tss
+ acct-user/tss
+ sys-apps/util-linux:=[${MULTILIB_USEDEP}]
+ fapi? (
+ dev-libs/json-c:=[${MULTILIB_USEDEP}]
+ >=net-misc/curl-7.80.0[${MULTILIB_USEDEP}]
+ )
+ mbedtls? ( net-libs/mbedtls:=[${MULTILIB_USEDEP}] )
+ openssl? ( dev-libs/openssl:=[${MULTILIB_USEDEP}] )
+"
+
+DEPEND="
+ ${RDEPEND}
+ test? ( app-crypt/swtpm
+ dev-libs/uthash
+ dev-util/cmocka
+ fapi? ( >=net-misc/curl-7.80.0 ) )
+"
+
+BDEPEND="
+ sys-apps/acl
+ virtual/pkgconfig
+ doc? ( app-text/doxygen )
+"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-4.0.0-Dont-install-files-into-run.patch"
+ "${FILESDIR}/${PN}-4.0.1-Make-sysusers-and-tmpfiles-optional.patch"
+ "${FILESDIR}/${PN}-4.0.1-Do-not-consider-failures-to-write-files-in-sys-hard.patch"
+)
+
+pkg_setup() {
+ local CONFIG_CHECK="~TCG_TPM"
+ linux-info_pkg_setup
+ kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required"
+}
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+multilib_src_configure() {
+ # Fails with inlining
+ filter-flags -fno-semantic-interposition
+ # tests fail with LTO enabbled. See bug 865275 and 865279
+ filter-lto
+
+ local myconf=(
+ --localstatedir=/var
+ $(multilib_native_use_enable doc doxygen-doc)
+ $(use_enable fapi)
+ $(use_enable policy)
+ $(use_enable static-libs static)
+ $(multilib_native_use_enable test unit)
+ $(multilib_native_use_enable test integration)
+ $(multilib_native_use_enable test self-generated-certificate)
+ --disable-tcti-libtpms
+ --disable-defaultflags
+ --disable-weakcrypto
+ --with-crypto="$(usex mbedtls mbed ossl)"
+ --with-runstatedir=/run
+ --with-udevrulesdir="$(get_udevdir)/rules.d"
+ --with-udevrulesprefix=60-
+ --without-sysusersdir
+ --with-tmpfilesdir="/usr/lib/tmpfiles.d"
+ )
+
+ ECONF_SOURCE=${S} econf "${myconf[@]}"
+}
+
+multilib_src_install() {
+ default
+ keepdir /var/lib/tpm2-tss/system/keystore
+ find "${ED}" -name '*.la' -delete || die
+}
+
+pkg_postinst() {
+ tmpfiles_process tpm2-tss-fapi.conf
+ udev_reload
+}
+
+pkg_postrm() {
+ udev_reload
+}